Conference papers

Combined Forest: a New Supervised Approach for a Machine-Learning-based Botnets Detection

Christophe Maudoux 1 Selma Boumerdassi 1 Alex Barcello 2 Eric Renault 2 
1 CEDRIC - ROC - CEDRIC. Réseaux et Objets Connectés
CEDRIC - Centre d'études et de recherche en informatique et communications
Abstract : Nowadays, botnet-based attacks are the most prevalent type of cyber-threat. It is therefore essential to detect this kind of malware using efficient bot detection techniques. This paper presents our security anomaly detection system, based on a model that we named Combined Forest. Our approach consists of merging some pre-processed Decision Trees to highlight different kinds of botnet by detecting their intrinsic exchanges. Using a supervised data approach, each tree is built from a labelled dataset. In order to achieve this, we aggregate the IP-flows into Traffic-flows to extract key features and avoid over-fitting. Then, we tested different machine learning algorithms and selected the most suitable one. After that, many experiments were carried out to determine the best parameters and design the most accurate, adaptive and efficient model.

https://hal.archives-ouvertes.fr/hal-03502868
Contributor : CHRISTOPHE MAUDOUX
Submitted on : Sunday, December 26, 2021 - 3:01:36 PM
Last modification on : Wednesday, September 28, 2022 - 5:55:31 AM
Long-term archiving on : Monday, March 28, 2022 - 9:19:10 AM

File

Botnets_detection_based-on_ML_...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03502868, version 1

Citation

Christophe Maudoux, Selma Boumerdassi, Alex Barcello, Eric Renault. Combined Forest: a New Supervised Approach for a Machine-Learning-based Botnets Detection. IEEE GLOBECOM, Dec 2021, Madrid, Spain. ⟨hal-03502868⟩

Metrics

Record views : 108
Files downloads : 115